Tomislav Tomi Nikolic
Tomislav Tomi Nikolic

Reputation: 638

SHA 512 hashing and verifying

Alright so Im trying to verify password with SHA 512, but no matter what it still returns false like the hash check is not correct.

Generating hash when registering

$hashed = password_hash(hash('sha512', $password), PASSWORD_DEFAULT);

And to verify (upon login) I use simple

public function isValidLogin($username, $password) {
    $sql = $this->connect();
    $sql->real_escape_string($username);
    $sql->real_escape_string($password);

    $res = $sql->query("SELECT password FROM users WHERE name='".$username."'");

    if ($res->num_rows >= 1) {
        while($row = $res->fetch_assoc()) {
            if (password_verify(hash('sha512', $password), $row['password'])) {
                return true;
            }
        }
    }

    return false;
}

Upvotes: 8

Views: 41712

Answers (2)

tfont
tfont

Reputation: 11253

// original password
$_password = 'bluebeans123';

$password = hash('sha512', $_password);
$password = password_hash($password, PASSWORD_DEFAULT);

var_dump($password);

$verify = hash('sha512', $_password);
$verify = password_verify($verify, $password);

var_dump($verify);

Elaborate example: http://wiki.travisfont.com/PHP:Passwords(hash_w/_SHA512)

Upvotes: 5

Geordy James
Geordy James

Reputation: 2408

Try this code at time of registering instead of your code.

 $hashed = hash("sha512", $password);

Upvotes: 15

Related Questions